Security Encyclopedia


A key is a sequence of symbols, letters, or numbers used to encode or decode information so that a conversation can be securely exchanged by and transmitted between its intended parties.

When used for encryption, keys determine how plaintext is converted to ciphertext, and vice versa. Keys are also used in digital signature schemes and for message authentication codes in similar uses.

Keys that are properly secured prevent unauthorized parties from gaining access to the encryption set forth by algorithms. Securing keys means they must be managed with processes for their issuance, ownership, and revocation.

Keys are sometimes confused with passwords, with the notable distinction that passwords and passphrases are intended to be remembered by a person. Key sequences can be unreasonably long and complex.


"Secure key management is an important part of a security framework. Keys are quite closely managed, for example key management authority is granted in accordance with the principle of least privilege."